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REMARKS 

Claims 1-30 were examined and rejected in this case. The Specification is being 
amended and claims 1, 15, 29 and 30 (i.e. all independent claims) are being amended. 
No new claims are being added and claims 1-30 remain pending in the application. 
Reconsideration of the application as amended is respectfully requested. 

No new matter is being added. The Specification is amended for reasons of 
clarity and correction of scriber's errors. The repeated present amendments of (all of) the 
existing independent claims 1, 15, 29 and 30 are also entered for clarity. Support can 
further be found at least in the embodiment summarized at page 5, lines 9-19 ("The 
global server includes a communications engine. . . security means. . . an applet which 
enables I/O with a secured service; and a keysafe for storing keys which enable access to 
the secured services"). See also page 4, line 17 - page 5, line 3 and page 6, lines 4-20. 

Claim Rejections under 35 USC §103 - Vogler i.v.o. Netscape version 2 

In item 4, the Examiner rejected claims 1-30 under 35 USC § 103 as being 
unpatentable over U.S. Patent No. 5,815,683 to Vogler ("Vogler") in view of Netscape 
version 2. The Examiner asserts that Vogler teaches a system which controls access to a 
service for downloading of an access connect applet to a prospective client after 
authentication. The Examiner admits that Vogler does not teach the use of the keysafe 
that stores a key which enables access to the service, but further asserts the following. 

The Examiner asserts Vogler as teaching that the access connect applet may 
gather authentication information, where "the type and extent of client information 
collected are application dependent"; thus, it would have been obvious to employ 
Vogler' s access facilitator with home banking systems, Internet shopping, and the like, 
employing a standard browser such as Netscape on the client side, including a piece of 
secret information to control access (i.e. a key), and using any or all of the "standard" 
security techniques used in on-line commerce (sheet 2, paragraph 5). The Examiner 
further takes Official notice that, while Vogler deals with a single "service", web sites 
linking to multiple services are ubiquitous and involving only obvious multiplicity to one 
skilled in the art (sheet 2, paragraph 6). The Examiner further asserts that many systems 
present different views to users authenticated at different levels of trust or at different 
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categories of ("client privileges"), such as Lexis/Nexis and ProQuest Direct. Applicant 
respectfully traverses. 

Vogler and Netscape version 2 not only fail to render the present invention 
obvious, but instead support that the present invention, as recited in independent claims 1 , 
15, 29 and 30 and the remaining dependent claims, is not obvious. The combination of 
these references would not produce or even suggest the present invention, and such 
references clearly teach away from the present invention both alone and in combination. 
It is further submitted that the extensive breadth the Examiner attributes to these 
references is unsupported, conclusory and requires the use of improper hindsight. 

Background Information 

By way of background, the present invention addresses problems most notably 
observed with regard to the "roaming user" for whom "maintaining identification and 
authentication is a cumbersome process". Applicant observed that complex use and 
tracking of multiple keys can be required and providing a roaming user with direct access 
to systems behind firewalls can compromise security. (Specification at page 4, line 17 - 
page 5, line 3). Consider, for example, the cumbersome maintenance and use of private 
and potentially service-specific information with each of a roaming user's devices, the 
potential unavailability of such information on a current user device or kiosk, and the 
compromise of security if such information (assuming it is available) is misappropriated. 

Embodiments of the invention therefore include and the claims recite apparatus 
and methods applicable but not limited to resolving problems associated with a roaming 
user. An embodiment of a global server enables client I/O with a secured service (page 5, 
line 24), and enables multiple levels of resource access based on such factors as user 
status, strength of identification and privacy a communications channel (page 6, lines 17- 
20). The global server further stores information such as network addresses of services, a 
user's public and private keys, the user's account numbers and firewall authentication 
information, such that the user need only maintain the URL of the global server and 
identification information, such as a password (page 1 1, lines 16 - page 12, line 4). The 
global server still further provides three selectable modes with which different levels of 
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secure access to services are enabled depending, for example, on whether a service is 
protected by a service firewall. Consistently therewith, claim 1 as amended recites: 

"1 . A system on a server computer system, comprising: 

a communications engine for establishing a communications link 
with a client; 

security services coupled to the communications engine for 
determining client privileges; 

a web server for enabling the client to select a service from a set of 
available services, the set of available services based on the client 
privileges; 

a host engine coupled to the security services and to the web server 
for providing to the client service communication code that enables 
communication with a selected service; and 

a keysafe for storing keys, each key for enabling communication 
between the client and a respective service from the set of available 
services, thereby enabling the client to access the available services 
without storing the service communication code and keys at the client. 

Claim 1 

First, Vogler fails to mention, let alone suggest, providing support for a roaming 
user. It is further submitted that, in contrast with using such user data and user-and- 
service-specific data as stored bookmarks, calendar data, pager numbers, etc. (see 
specification at page 17, lines 2-5), the CAD tools to which Vogler is directed would not 
be readily presumed as relating to a roaming user. We know that Vogler is specifically 
directed at using CAD tools because such direction and CAD tools are specified directly 
3 times in the Vogler abstract, directly or indirectly in nearly every paragraph and 
directly in every independent and nearly every dependent claim (at least 26 times in the 
claims alone). Vogler further fails completely to mention a single application, let alone 
considerations of making or using its invention other than with a particular CAD, and the 
Examiner's assertion that Vogler somehow applies to apparently all Internet applications, 
if not using impermissible hindsight, is confusing at best. 

Second, Vogler fails to mention or suggest the use of a global server or one or 
more similar apparatus or methods, as recited in claim 1 . Vogler is directed only at 
providing remote access to a CAD application via a facilitator. 
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No ability to select from available services is provided by Vogel, no 
communication with available "services" is provided according to user privileges, and no 
communication or access to services is provided in the manner recited in claim 1 . Rather, 
in Vogel, "the access service [i.e. access facilitator] includes services for accepting an 
access connection. . . an interworking address. . . [and an] access request from a client, and 
routing the access requests. . . [and] interworking address to a CAD tool on a CAD tool 
server, resulting in the CAD tool directly responding to the client" (Vogel at col. 1, lines 
38-45). Each successive client action involving the CAD tool is also similarly facilitated 
by the facilitator, which passes the selection to the CAD tool, and the CAD tool again (in 
each successful client-facilitator instance), uses the client interworking address to 
"respond" to the client action (col. 3, lines 1-17). Such lack of "communication" and 
"client access" is further essential to Vogler in that monitored client- facilitator client 
requests and separate tool server initiated connection to the supplied client address 
purportedly ensures CAD design data integrity (col. 3, lines 43-52 and col. 5, lines 57- 



Note also that Vogler would also be contrary to providing a secure client-service 
connection due to its essential use of two separate data transfer paths. Note further that 
the Vogel facilitated system would be contrary to providing the available services as in 
claim 1, since each communication would require establishing each of the processes and 
two data paths with each successive client-facilitator access request. 

Third, Vogel neither mentions nor suggests providing a client with service 
communication code that enables communication with a selected service, as 
recited in claim 1 . The Vogel client requests are monitored by a facilitator 
monitor and -assuming the facilitator can and does respond to the particular client 
request- the facilitator sends that request with the client address to the tool server; 
the tool server then sends a "response" directly to the client address provided by 
the client via the facilitator. 

Fourth, neither Vogel nor Netscape provides a keysafe or other suitable 
extra-client key providing mechanism, and neither enables the client to access 
available services without storing the service communication code and keys at the 
client as is recited in claim 1 . Rather, in Vogel, an access request applet prompts 
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the client for client information (col 4, lines 47-48) and submits the access 
information to an access "service" [i.e. a program] in the facilitator (col. 4, lines 
59-60). 

With regard to keys in particular, Vogel specifically notes the use of 
[Netscape] navigator version 3 or later at col. 4, line 18, and Netscape navigator 
was specifically cited by the Examiner. As the Examiner asserts (and as is 
common knowledge), Netscape Navigator resides on an Internet client and 
provides for storing at the client, public and private keys used in authentication. 
Thus, both Vogel and Netscape Navigator are in direct contradiction to claim 1 as 
recited. Rather, claim 1 specifically enables keys to NOT be stored at the client. 

The Examiner has further noted that Vogel at col. 3 lines 35-36 states that 
the "type and extent of client information collected are application dependent" 
(item 4, first paragraph). Firstly, Vogel provides not one example, one 
consideration or any basis by which such information might be utilized in making 
or using its invention. Secondly, if the Examiner's assertion is to be given effect, 
then any use of any data by a server is rendered obvious in his view. This could 
have a disastrous chilling effect on further innovation, is wholly unsupported and 
conclusory, would not support a Vogel claim to such effect and is contrary to the 
very purpose of patent protection. 

The Examiner also takes Official notice that web sites linking to multiple 
sites are ubiquitous. However, it is submitted that claim 1 enables a new and 
unobvious system that enables multiple services to be provided that was clearly 
not anticipated by the manner in which Vogel enabled one. Claim 1 further is 
capable of supporting each of the three communication modes between a client 
and a service that are more particularly taught in accordance with more specific 
embodiments of the invention: direct connection; proxy and global server 
provided service (or some combination). Impermissible hindsight aside, Vogel 
fails to teach even one of the three modes and further teaches a method that is 
contrary to and might render each one inoperable (either alone or in combination 
with Netscape Navigator); any combination with either reference would further 
fail to render claim 1 obvious for similar reasons. 
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Therefore, reconsideration of the rejection to claim 1, removal of Vogel 
and Netscape Navigator from future consideration and early allowance of claim 1 
is respectfully requested. 



Each of the remaining independent claims (claims 15, t 29 and 30) include 
similar limitations as have already been discussed with regard to claim 1 . Further, 
the remaining claims 2-14 and 16-28 are dependent claims subject to the same 
limitations as the respective independent claims. Therefore, reconsideration of 
the rejection of claims 2-30 and early allowance of claims 2-30 is respectfully 
requested for at least the same reasons as with claim 1 . 

Therefore, reconsideration of the rejections and early allowance of claims 
1-30 is solicited. 

If the Examiner has any questions or needs any additional information, the 
Examiner is invited to telephone the undersigned attorney at (650) 843-8796. If for any 
reason an insufficient fee has been paid, please charge the insufficiency to Deposit 
Account No. 05-0150. 



The Remaining Claims 




Palo Alto, CA 94304-1043 
Telephone (650) 856-6500 
Facsimile (650) 856-3619 



Squire, Sanders & Dempsey L.L.P. 
600 Hansen Way 




Attorney for[Applicant 
Registration No. 37,365 



Library: PaloAlto; Document #: 5548vl 



12 of 12 



